Checkmarx Blog

21 Awesome Talks and Resources on Security and DevOps

As we wrote about last week, the explosion of DevOps – with 88% of businesses saying they’ve adopted or will adopt DevOps within the next five years – has made it clear that we need to tightly integrate security in the fast-paced, iterative cultures that are DevOps organizations.   We can’t fight DevOps, if we

Read More »

8 Problems Every Application Security Program Leader Has To Tackle

Despite the astounding rise in cybercrime and hacking incidents worldwide, the modern Application Security Program Leader faces numerous bumps and obstacles on a daily basis within his organization. Application security has come a long way in the last decade, but the inherited limitations of the traditional solutions are not making life easy.

Read More »

Security and DevOps: How To Get Started

The Rise of DevOps   The methods we use to develop software have gone through radical transformations over the last five years. ‘Slow and steady’ has evolved into quick and agile methodologies like DevOps.   Based on disrupting the silos between Developers and Operations, DevOps embraces the idea of a shared culture of trust, collaboration

Read More »

SAST vs WAF – 5 Reasons To Opt For SAST

With the industrialization of cybercrime and rise in hacking severity, the value of traditional application security techniques is imploding. The Web Application Firewall (WAF), considered as a go-to security solution until not long ago, is currently experiencing a constant erosion in its effectiveness. On the other hand, Static Application Security Testing (SAST) solutions are gaining momentum.  

Read More »

Proactive AppSec

The Ten Commandments of Proactive Application Security

When you’re constantly reacting to suspicious alerts and fixing vulnerabilities only after they’ve been exploited, you’re missing the point of application security.   Application security, according to Wikipedia, “encompasses the measures taken throughout the code’s life-cycle to prevent gaps in the security policy of an application or the underlying vulnerabilities… of the application.” The practice

Read More »

Android Application Security Sucks! Here’s what to do about it

Brought to you by Appsec Labs and Checkmarx.  Android Platform Security Essentials Android…. It is no longer just a mobile phone. Nowadays Android applications are running anywhere and everywhere. Home Appliances, watches, TVs, car applications and with the Internet of Things kicking in quickly, Android applications will probably become even more prevalent in our lives.

Read More »

cyber security blogs

29 Cyber Security Blogs You Should Be Reading

Staying up-to-date is important for lots of reasons, but when you’re a Cyber Security professional, knowing about the latest tech, breaches, vulnerabilities,etc. is pretty much essential to your career. If you miss out on an important piece of news, your organization could miss out on much more.   More than just knowing what’s going on,

Read More »

Application Security Testing – Automated Vs Manual

The massive rise in the number of web and mobile applications in recent years has indirectly led to an inferno of cybercrime that aims to exploit application-layer vulnerabilities. Organizations have a wide range of security products at their disposal today, but they are often unable to decide between automated and manual application security testing. This

Read More »

Inflight Security is more than just a life vest

Are you afraid of flying? The following information won’t make you feel any safer. Inflight Entertainment systems (IFE) have evolved significantly over the years. Nowadays you can actually connect via your own mobile device to the IFE system and watch TV series, movies or just listen to music and see the flight status. Sounds good,

Read More »

Application Security Metrics: Where (And Why) To Begin?

A wise man once said, “to measure is to know…if you cannot measure it, you cannot improve it.” When it comes to application security, measurements are crucial to the success of your program. But determining how to best combine your measurements into metrics which show your programs value is much more important. As a CISO

Read More »

Jump to Category